When maxTimeSinceAuthn is used, valid time interval is miscalculated when IdP time is a few seconds ahead of SP time

Description

If IdP time is ahead of SP time, valid time interval is miscalculated when using maxTimeSinceAuthn.
Skew needs to be taken into account to prevent the calculation ending up negative.

Environment

None

Activity

Fixed

Details

Assignee

Reporter

Fix versions

Affects versions

Created June 16, 2011 at 3:29 PM
Updated July 7, 2011 at 1:56 AM
Resolved June 25, 2011 at 5:24 AM